package com.qf.shiro20230208.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ShiroConfig {
//    @Bean
//    public Realm realm(){
//
//        return new AuthorizingRealm() {
//            /**
//             * 通过这个方法给shiro提供当前用户认证信息
//             * @param authenticationToken
//             * @return
//             * @throws AuthenticationException
//             */
//            @Override
//            protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//                return null;
//            }
//
//            /**
//             * 通过这个方法向shiro提供当前用户的权限相关信息
//             * @param principalCollection
//             * @return
//             */
//            @Override
//            protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//                return null;
//            }
//        };
//
//    }
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition(){
        final DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
        //无需登陆可访问
        definition.addPathDefinition("/a.html","authc");
        //需要登陆访问
        definition.addPathDefinition("/c.html","authc,roles[admin]");

        // url需要当前用户拥有document:read权限才可以访问
        definition.addPathDefinition("/b.html","perms[document:read]");
        // url无需登录即可访问
        definition.addPathDefinition("/user/login","anon");
        definition.addPathDefinition("/error","anon");
        //默认大部分需要登陆

        //如下配置代表/home资源可以使用免登陆
        definition.addPathDefinition("/home.html","user");

        definition.addPathDefinition("/**","authc");



        return definition;
    }
    @Bean
    public Realm realm(){
        final CustomRealm customRealm = new CustomRealm();
        return customRealm;
    }
}
